新建mapping

新建索引： PUT logstash-redis-log-2017.12

PUT logstash-redis-log-2017.12/_mapping/redis-log

{ "properties" : {

"@timestamp" : {

"type" : "date"

},

"@version" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"Query" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"Rt" : {

"type" : "long",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"dest_ip" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"dest_port" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"kafka" : {

"properties" : {

"consumer_group" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"offset" : {

"type" : "long"

},

"partition" : {

"type" : "long"

},

"topic" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"message" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"request_len" : {

"type" : "long",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"request_ts" : {

"type" : "long",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"response_len" : {

"type" : "long",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

},

"souce_ip" : {

"type" : "text",

"fields" : {

"keyword" : {

"type" : "keyword",

"ignore_above" : 256

}

新建索引： PUT logstash-iis-log-2017.12

PUT logstash-iis-log-2017.12/_mapping/iis-log

{

"properties": {

"@timestamp": {

"type": "date"

},

"@version": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"c-ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-bytes": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-host": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-method": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-uri-query": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-uri-stem": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"kafka": {

"properties": {

"consumer_group": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"offset": {

"type": "long"

},

"partition": {

"type": "long"

},

"topic": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"message": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"s-ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"s-port": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-bytes": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-status": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-substatus": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-win32-status": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"tags": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"time-taken": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"timestamp": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"type": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

新建template

Collapse source

PUT _template/logstash-iislog

{

"template" : "logstash-iislog-*",

"settings" : {

"index.refresh_interval" : "5s"

},

"mappings" : {

"iislog" : {

"dynamic_templates" : [ {

"string_fields" : {

"match" : "*",

"match_mapping_type" : "string",

"mapping" : {

"type" : "string", "index" : "not_analyzed", "omit_norms" : true

}

} ],

"properties": {

"@timestamp": {

"type": "date"

},

"@version": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"c-ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-bytes": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-host": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-method": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-uri-query": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"cs-uri-stem": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"kafka": {

"properties": {

"consumer_group": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"offset": {

"type": "long"

},

"partition": {

"type": "long"

},

"topic": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"message": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"s-ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"s-port": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-bytes": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-status": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-substatus": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"sc-win32-status": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"tags": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"time-taken": {

"type": "long",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"timestamp": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"type": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

iis字段全选：

Collapse source

PUT _template/logstash-iis-ex

{

"template" : "logstash-iis-ex-*",

"settings" : {

"index.refresh_interval" : "5s"

},

"mappings" : {

"iis-ex" : {

"dynamic_templates" : [ {

"string_fields" : {

"match" : "*",

"match_mapping_type" : "string",

"mapping" : {

"type" : "string", "index" : "not_analyzed", "omit_norms" : true

}

} ],

"properties": {"cs-method": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-uri-stem": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-uri-query": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"sc-substatus": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"s-computername": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-username": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"type": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"sc-win32-status": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-host": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-version": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"@version": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"timestamp": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"s-sitename": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs-bytes": {"type": "long",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"message": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"tags": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"time-taken": {"type": "long",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"cs": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"@timestamp": {"type": "date"

},

"s": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"s-ip": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"kafka": {"properties": {"consumer_group": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"partition": {"type": "long"

},

"offset": {"type": "long"

},

"topic": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"s-port": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"sc-bytes": {"type": "long",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

},

"c-ip": {"type": "text",

"fields": {"keyword": {"ignore_above": 256,

"type": "keyword"

}

elasticsearch-template.json

Collapse source

{

"template" : "logstash-iis-log-*",

"settings" : {

"index.refresh_interval" : "5s"

},

"mappings" : {

"iis-log" : {

"dynamic_templates" : [ {

"string_fields" : {

"match" : "*",

"match_mapping_type" : "string",

"mapping" : {

"type" : "string", "index" : "not_analyzed", "omit_norms" : true

}

} ],

"properties": {

"cs-method": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"s-sitename": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs-uri-stem": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs-bytes": {

"type": "long",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs-uri-query": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"sc-substatus": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"s-computername": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs-username": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"message": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"type": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"time-taken": {

"type": "long",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"sc-win32-status": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"@timestamp": {

"type": "date"

},

"cs-host": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"cs-version": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"s-ip": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"kafka": {

"properties": {

"consumer_group": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"partition": {

"type": "long"

},

"offset": {

"type": "long"

},

"topic": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"s-port": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"sc-status": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"@version": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"sc-bytes": {

"type": "long",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"c-ip": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

},

"timestamp": {

"type": "text",

"fields": {

"keyword": {

"ignore_above": 256,

"type": "keyword"

}

PUT _template/f5-request

Collapse source

PUT _template/f5-request

{

"template" : "f5-request-*",

"settings" : {

"index.refresh_interval" : "5s"

},

"mappings": {

"f5-request": {

"dynamic_templates" : [ {

"string_fields" : {

"match" : "*",

"match_mapping_type" : "string",

"mapping" : {

"type" : "string", "index" : "not_analyzed", "omit_norms" : true

}

} ],

"properties": {

"@timestamp": {

"type": "date"

},

"@version": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"agent": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"bytes": {

"type": "long"

},

"clientip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"geoip": {

"properties": {

"city_name": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"continent_code": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"country_code2": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"country_code3": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"country_name": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"latitude": {

"type": "float"

},

"location": {

"type": "geo_point",

"ignore_malformed": "true"

},

"longitude": {

"type": "float"

},

"region_code": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"region_name": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"timezone": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"httpmethod": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"httpuri": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"httpversion": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"kafka": {

"properties": {

"consumer_group": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"offset": {

"type": "long"

},

"partition": {

"type": "long"

},

"topic": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"message": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"referer": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"response": {

"type": "long"

},

"response_ms": {

"type": "long"

},

"server": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"server_port": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"snat": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"tags": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"timestamp": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"type": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"user": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"virtual_ip": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"virtual_name": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"virtual_pool_name": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

},

"virtual_port": {

"type": "text",

"fields": {

"keyword": {

"type": "keyword",

"ignore_above": 256

}

新建mapping的更多相关文章

Zabbix实战-简易教程--监控OSPF
一.需求背景网络工程师需要对OSPF进行监控,需求如下: 1.状态展示 OSPF区域状态 OSPF接口状态 OSPF邻居状态 2.问题报警触发器设置: a.OSPF区域状态 b.OSPF接口状态 ...
手把手教你搭建SSH框架（Eclipse版）
原文来自公众号[C you again],若需下载完整源码,请在公众号后台回复"ssh". 本期文章详细讲解了SSH(Spring+SpringMVC+Hibernate)框架的搭 ...
Atitit s2018.2 s2 doc list on home ntpc.docx \Atiitt uke制度体系法律法规规章条例国王诏书.docx \Atiitt 手写文字识别讯飞科大语音云.docx \Atitit 代码托管与虚拟主机.docx \Atitit 企业文化每日心灵鸡汤值班发布.docx \Atitit 几大研发体系对比 Stage-Gat
Atitit s2018.2 s2 doc list on home ntpc.docx \Atiitt uke制度体系法律法规规章条例国王诏书.docx \Atiitt 手写文字识别 ...
新建SpringBoot项目运行页面报错Whitelabel Error Page This application has no explicit mapping for /error, so yo
新建SpringBoot项目运行页面报错Whitelabel Error Page This application has no explicit mapping for /error, so yo ...
Intellij Idea 15 下新建 Hibernate 项目以及如何添加配置
1.说明:Idea 下,项目对应于 Eclipse 下的 workspace,Module 对应于 Eclipse 下的项目.Idea 下,新添加的项目既可以单独作为一个 Project,也可以作为一 ...
使用MyBatis Generator自动创建代码(dao,mapping,poji)
连接的数据库为SQL server2008,所以需要的文件为sqljdbc4.jar 使用的lib库有: 在lib库目录下新建一个src文件夹用来存放生成的文件,然后新建generatorConfig ...
[NHibernate]O/R Mapping基础
系列文章 [Nhibernate]体系结构 [NHibernate]ISessionFactory配置 [NHibernate]持久化类(Persistent Classes) 引言对象和关系数据库 ...
NHibernate系列文章二十八：NHibernate Mapping之Auto Mapping（附程序下载）
摘要上一篇文章介绍了Fluent NHibernate基础知识.但是,Fluent NHibernate提供了一种更方便的Mapping方法称为Auto Mapping.只需在代码中定义一些Conv ...
NHibernate系列文章二十七：NHibernate Mapping之Fluent Mapping基础（附程序下载）
摘要从这一节起,介绍NHibernate Mapping的内容.前面文章都是使用的NHibernate XML Mapping.NHibernate XML Mapping是NHibernate最早 ...

随机推荐

CF755G PolandBall and Many Other Balls/soj 57送饮料
题意:长度为n的序列,相邻两个或单独一个可以划分到一个组,每个元素最多处于一个组. 问恰好分割成k(1<=k<=m)段有多少种方案? 标程: #include<bits/stdc++ ...
C#发邮件之命名空间System.Net.Mail
1.添加一个类,取名为Email public class Email { /// <summary> /// 发送方发送方服务器地址 /// </summary> publi ...
安装percona-toolkit.rpm时候报错：perl(Time::HiRes) is needed by percona-toolkit-2.2.16-1.noarch
1.安装percona-toolkit.rpm时候报错: warning: percona-toolkit.rpm: Header V4 DSA/SHA1 Signature, key ID cd2e ...
leetcood学习笔记-104-二叉树的最大深度
题目描述: 第一次提交: class Solution(object): def maxDepth(self, root): """ :type root: TreeNo ...
Delphi locate函数
使用ADO等数据控件的时候,经常会用到 locate 函数,在结果数据集中查询和定位,下面介绍一下: (一) function Locate(const KeyFields: String; cons ...
Photon Server的服务器端配置
Photon Server与Unity3D的交互分为3篇博文实现 (1)Photon Server的服务器端配置 (2)Photon Server的Unity3D客户端配置 (3)Photon Ser ...
hdu4352-XHXJ's LIS状压DP+数位DP
(有任何问题欢迎留言或私聊 && 欢迎交流讨论哦题意:传送门原题目描述在最下面. 在区间内把整数看成一个阿拉伯数字的集合,此集合中最长严格上升子序列的长度为k的个数. 思路: ...
ionic-Javascript：ionic 上拉菜单(ActionSheet)
ylbtech-ionic-Javascript:ionic 上拉菜单(ActionSheet) 1.返回顶部 1. ionic 上拉菜单(ActionSheet) 上拉菜单(ActionSheet) ...
Git 学习（二）Git 基础
Git 基础 Git 在保存和对待各种信息的时候与其它版本控制系统如 SVN 等等有很大差异,尽管操作起来的命令形式非常相近,理解这些差异将有助于防止你使用中的困惑. Git 记录的是什么? 如果有使 ...
Hadoop安装成功之后，访问不了web界面的50070端口怎么解决？
Hadoop安装成功之后,访问不了web界面的50070端口先查看端口是否启用 [hadoop@s128 sbin]$ netstat -ano |grep 50070 然后查看防火墙的状态,是否关 ...

新建mapping

新建mapping的更多相关文章

随机推荐

热门专题